package com.sce.core.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter{

	@Autowired
	private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;
	
	@Autowired
	private CustomLogouSuccessHandler customLogouSuccessHandler;
	
	@Override
	public void configure(HttpSecurity http) throws Exception{
		http
		.exceptionHandling()
		.authenticationEntryPoint((AuthenticationEntryPoint) customAuthenticationEntryPoint)
		.and()
		.logout()
		.logoutUrl("/oauth/logout")
		.logoutSuccessHandler((LogoutSuccessHandler) customLogouSuccessHandler)
		.and()
		.authorizeRequests()
		.antMatchers("/hello").permitAll()
		.antMatchers("/sayHello").authenticated();
	}

}
